Smart card and access method thereof

ABSTRACT

A smart card and an access method thereof for use with a smart card management system are provided. The smart card management system comprises a smart card access apparatus and a card server. The smart card access apparatus is electrically connected to the smart card. The smart card is configured to store a plurality of application data and management information corresponding to the application data. The smart card access apparatus may transmit a modification signal of a user to the smart card. The smart card may modify the management information according to the modification signal to generate modified management information when the smart card access apparatus is disconnected from the card serve. Therefore, the contents of the smart card may be managed when the smart card access apparatus is disconnected from the card server.

This application claims priority to Taiwan Patent Application No.098138824 filed on Nov. 16, 2009.

CROSS-REFERENCES TO RELATED APPLICATIONS

Not applicable.

BACKGROUND OF THE INVENTION

1. Field of the Invention

The present invention relates to a smart card and an access methodthereof. More specifically, the present invention relates to a smartcard and an access method thereof for use with a smart card managementsystem.

2. Descriptions of the Related Art

In recent years, as the smart card technology is matured increasingly,applications thereof become diversified accordingly. The most commonlyfound application of smart cards in the daily life is the Easy cardsystem that is indispensable to metro or bus transportation. Besides,smart cards have also been found widely in e-business, access controlapplications and various electronic products.

According to the current smart card system architecture, a smart cardsystem typically comprises a card server, a smart card access apparatus(e.g., a card reader) and a smart card. The smart card access apparatusmay be connected to the card server via a network. The smart card may beelectrically connected to the smart card access apparatus to interactwith the card server via the smart card access apparatus. The smart cardis configured to store therein various transaction data, privateinformation and so on. To ensure that the various data stored in thesmart card is prevented from being stolen by an illegal user, theconventional smart card system protects the smart card through thefollowing management mechanism.

Generally, both the card server and the smart card have anauthentication key stored therein, and in consideration of safetyconcerns, the keys are not stored in the smart card access apparatus. Ifa user desires to operate or process data stored in the smart card viathe smart card access apparatus, an authentication process shall becarried out between the smart card and the card server by means of therespective keys they have, so as to identify that the user is a legaluser who is allowed to operate or process the data stored in the smartcard.

In other words, as restricted by the fact that the keys can only bestored in the card server and the smart card, this authenticationprocess can only be accomplished when the card server and the smart cardaccess apparatus are connected. However, in real life, to keep the cardserver and the smart card access apparatus that is used over the counterconnected at any time is somewhat difficult and wastes the connectionresources. Moreover, the most widely used multi-application smart cardglobal platform has not provided an effective solution for off-linesmart card authentication yet.

Accordingly, an urgent need exists in the art to provide a solution thatmay still protect and manage data stored in a smart card effectivelywhen the smart card access apparatus is disconnected from the cardserver.

SUMMARY OF THE INVENTION

An objective of the present invention is to provide a smart card. Thesmart card is adapted for use with a smart card management system. Thesmart card management system comprises a smart card access apparatus anda card server. The smart card access apparatus is electrically connectedwith the smart card and adapted to transmit a modification signal of auser. The smart card comprises a transmission interface, a storage unitand a microprocessor. The transmission interface is electricallyconnected to the smart card access apparatus and configured to receivethe modification signal. The storage unit is configured to store aplurality of application data and management information correspondingto the application data. The microprocessor is electrically connected tothe storage unit and the transmission interface, and configured tomodify the management information according to the modification signalto generate modified management information when the smart card accessapparatus is disconnected from the card server.

Another objective of the present invention is to provide an accessmethod for a smart card. The smart card is adapted for use with a smartcard management system. The smart card management system comprises asmart card access apparatus and a card server. The smart card accessapparatus is electrically connected with the smart card and adapted totransmit a modification signal of a user. The smart card comprises atransmission interface, a storage unit and a microprocessor. Themicroprocessor is electrically connected to the storage unit and thetransmission interface, and the transmission interface is electricallyconnected to the smart card access apparatus. The storage unit isconfigured to store a plurality of application data and managementinformation corresponding to the application data. The access methodcomprises the following steps of: enabling the transmission interface toreceive the modification signal; and enabling the microprocessor tomodify the management information according to the modification signalto generate modified management information when the smart card accessapparatus is disconnected from the card server.

In summary, the present invention is characterized in that, when a smartcard access apparatus is disconnected from a card server, the smart cardmay modify the management information according to the modificationsignal to generate modified management information. In this way, theprevent invention may overcome the drawback of the prior art that themanagement information stored in the smart card may only be modifiedwhen the smart card access apparatus is connected to the card server.

The detailed technology and preferred embodiments implemented for thesubject invention are described in the following paragraphs accompanyingthe appended drawings for people skilled in this field to wellappreciate the features of the claimed invention.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a schematic view of a first embodiment of the presentinvention;

FIG. 2 is a schematic view illustrating a structure of managementinformation of the present invention; and

FIGS. 3A-3D are a flowchart of a second embodiment of the presentinvention.

DESCRIPTION OF THE PREFERRED EMBODIMENT

In the following description, the present invention will be explainedwith reference to embodiments thereof. However, these embodiments arenot intended to limit the present invention to any specific environment,applications or particular implementations described in theseembodiments. Therefore, description of these embodiments is only forpurpose of illustration rather than limitation to the present invention.It should be appreciated that, in the following embodiments and theattached drawings, elements unrelated to the present invention areomitted from depiction; and dimensional relationships among individualelements in the attached drawings are illustrated only for ease ofunderstanding, but not to limit the actual scale.

A first embodiment of the present invention is shown in FIG. 1, which isa schematic view of a smart card management system. As can be seen fromFIG. 1, the smart card management system comprises a card server 1, asmart card access apparatus 2 and a smart card 3. The smart card accessapparatus 2 may be connected to the card server 1 via a network. Thesmart card 3 is electrically connected to the smart card accessapparatus 2 to interact with the card server 1 via the smart card accessapparatus 2. In this embodiment, the smart card access apparatus 2 is acell phone; however, in other embodiments, the smart card accessapparatus 2 may also be a card reader or other apparatuses that mayaccess the smart card 3, and this is not intended to limit scope of thepresent invention.

As can be seen from FIG. 1, the smart card 3 comprises a transmissioninterface 31, a microprocessor 33 and a storage unit 35. The smart card3 is electrically connected to the smart card access apparatus 2 via thetransmission interface 31, and the microprocessor 33 is electricallyconnected to the transmission interface 31 and the storage unit 35. Thestorage unit 35 currently stores a plurality of application data 350.How the card server 1, the smart card access apparatus 2 and the smartcard 3 interact with each other will be described hereinbelow.

When an on-line status is presented between the smart card readingapparatus 2 and the card server 1, the smart card access apparatus 2 mayreceive from the card server 1 a management tool 100 and managementinformation 102 corresponding to the plurality of application data 350,install the management tool 100 and transmit the management information102 to the smart card 3. The microprocessor 33 of the smart card 3 mayreceive the management information 102 via the transmission interface 31and store the management information 102 into the storage unit 35 forsubsequent use. It shall be noted that, the management tool 100 isconfigured to impart the smart card access apparatus 2 an ability toaccess the smart card 3. Hereinafter, any access made by the smart cardaccess apparatus 2 to the smart card 3 is accomplished by the managementtool 100; this may be readily understood by those of ordinary skill inthe art, and thus will not be further described herein.

In this embodiment, the plurality of application data 350 comprisesapplication data associated with an e-purse, a credit card and an Easycard, and the management information 102 comprises application datanames, application data IDs, application data access rights and otherinformation associated with the application data 350. In otherembodiments, rather than being limited thereto, the managementinformation 102 and the plurality of application data 350 may alsocomprise other additional application data and associated applicationinformation therein depending on practical needs.

For convenience of the following description, reference is made to FIG.2, which is a schematic view of a structure of the managementinformation 102. In FIG. 2, the field Applet Name stores applicationdata names of the application data, which are applet A (e-purse), appletB (credit card) and applet C (Easy card) respectively; the field AppletID stores IDs of the application data, which are 000A0A0A, 000A0A0B and000A0A0C respectively; the fields Readable, Writable and Configurableare configured to specify access rights of the application data, whichrespectively represent whether to allow an application datum to beactivated, whether to allow an application datum to be modified andstored, and whether to allow an access right of an application datum tobe modified. For these access rights, a setting value of True means“allowed” while a setting value of False means “not allowed”.

After receiving the management tool 100 and the management information102 from the card server 1, the smart card access apparatus 2 may bedisconnected from the card server 1 to present an off-line status. Ofcourse, whether the smart card access apparatus 2 shall be disconnectedfrom the card server 1 depends on requirements in practical use.However, to highlight the technical characteristics of the presentinvention, interactions between the smart card access apparatus 2 andthe smart card 3 to be described hereinafter will all be accomplishedunder the off-line status in which the smart card access apparatus 2 isdisconnected from the card server 1.

When a user who gets the smart card 3 and desires to access themanagement information 102 and the application data 350 of the smartcard 3 via the smart card access apparatus 2, the user must establishoff-line authentication information in the storage unit 35 of the smartcard 3 via the smart card access apparatus 2 as a measure to protect themanagement information 102 and the application data 350. For thispurpose, the user may transmit a setting signal 202 to the smart card 3via the smart card access apparatus 2. The transmission interface 31 ofthe smart card receives the setting signal 202 and transmits it to themicroprocessor 33, which then generates off-line authenticationinformation 330 according to the setting signal 202 and stores theoff-line authentication information 330 into the storage unit 35. Inthis embodiment, once the off-line authentication information 330 isestablished, the user must pass through authentication of the off-lineauthentication information 330 whenever the user desires to access anydata of the smart card 3, and the setting signal 202 is a password. Inother embodiments, whether the user must pass through authentication ofthe off-line authentication information 330 whenever the user desires toaccess any data of the smart card 3 depends on the practical use, andthe setting signal 202 may also be other information available forauthentication such as fingerprint information, vocal print informationand the like, and this is not intended to limit scope of the presentinvention.

After the off-line authentication information 330 is established, if theuser desires to operate the smart card 3, the user may transmit an inputsignal 204 via the smart card access apparatus 2 to the smart card 3.The transmission interface 31 of the smart card 3 receives the inputsignal 204 and transmits it to the microprocessor 33, which thendetermines whether the user is a legal user according to the inputsignal 204 and the off-line authentication information 330. In moredetail, the input signal 204 incorporates a password currently inputtedby the user, and the microprocessor 33 determines whether the passwordcurrently inputted is consistent with that incorporated in the off-lineauthentication information 330. If they are consistent with each other,it means that the user is a legal user; otherwise, if they areinconsistent with each other, the smart card 3 will deny any access bythe smart card access apparatus 3.

If it is determined that the user is a legal user, the microprocessor 33will read the management information 102 and transmit it to the smartcard access apparatus 2 via the transmission interface 31 so that themanagement information 102 may be presented by the smart card accessapparatus 2 to the user for use in further operations.

If the legal user desires to perform further operations on the smartcard 3, the legal user may transmit an operation signal 208 to the smartcard 3 via the smart card access apparatus 2. The transmission interface31 of the smart card 3 receives the operation signal 208 and transmitsit to the microprocessor 33, which then determines whether anapplication datum corresponding to the operation signal 208 is allowedto be accessed according to the operation signal 208 and the managementinformation 102. If the corresponding application datum is allowed to beaccessed, then the microprocessor 33 retrieves the correspondingapplication datum from the plurality of application data 350 and furthermakes a corresponding processing on the corresponding application datumaccording to operation signal 208; otherwise, if the correspondingapplication datum is not allowed to be accessed, then the microprocessor33 denies any access to the corresponding application datum.

For example, assuming that the legal user desires to activate theapplication datum applet A, the legal user may transmit an operationsignal 208 to the smart card 3 via the smart card access apparatus 2.The transmission interface 31 of the smart card 3 receives the operationsignal 208 and transmits it to the microprocessor 33, which thendetermines whether the application datum applet A is allowed to beactivated according to the operation signal 208 and the managementinformation 102. According to the management information 102 shown inFIG. 2, the field Readable of the application datum applet A has a valueof True, which means that the application datum applet A is allowed tobe activated. Accordingly, the microprocessor 33 will retrieve theapplication datum applet A and activate it according to the operationsignal 208. On the other hand, if the field Readable of the applicationdatum applet A in the management information 102 has a value of False,the microprocessor 33 will deny activation of the application datumapplet A.

Furthermore, if the legal user desires to modify the managementinformation 102, the legal user may further transmit a modificationsignal 206 to the smart card 3 via the smart card access apparatus 2.The transmission interface 31 of the smart card 3 receives themodification signal 206 and transmits it to the microprocessor 33. Themicroprocessor 33 then modifies the management information 102 accordingto the modification signal 206 to generate modified managementinformation 332, and stores the modified management information 332 intothe storage unit 35 to overwrite the management information 102.

For example, if the legal user desires to modify the Readable right ofthe application datum applet A into a value of False, the legal user mayfurther transmit a modification signal 206 to the smart card 3 via thesmart card access apparatus 2. The transmission interface 31 of thesmart card 3 receives the modification signal 206 and transmits it tothe microprocessor 33. The microprocessor 33 then modifies the fieldReadable of the application datum applet A of the management information102 into a value of False according to the modification signal 206 togenerate modified management information 332, and stores the modifiedmanagement information 332 into the storage unit 35 to overwrite themanagement information 102.

FIGS. 3A-3D show a second embodiment of the present invention, which isan access method for the smart card as described in the first embodimentand may be used with the smart card access apparatus and the card serveras described in the first embodiment. In more detail, the smart cardaccess apparatus may be connected to the card server via a network, andthe smart card may be electrically connected to the smart card accessapparatus to interact with the card server via the smart card accessapparatus. In this embodiment, the smart card access apparatus is a cellphone; however, in other embodiments, the smart card access apparatusmay also be a card reader or other apparatuses that may access the smartcard, and this is not intended to limit scope of the present invention.

More specifically, the smart card comprises a transmission interface, amicroprocessor and a storage unit. The transmission interface iselectrically connected to the smart card access apparatus, and themicroprocessor is electrically connected to the transmission interfaceand the storage unit. The storage unit currently stores a plurality ofapplication data. When an on-line status is presented between the smartcard reading apparatus and the card server present, the smart cardaccess apparatus may receive from the card server a management tool andmanagement information corresponding to the plurality of applicationdata. Hereinafter, any access made by the smart card access apparatus tothe smart card is accomplished by the management tool, and the aforesaidon-line status may be accomplished in a wireless or wired way; these maybe readily understood by those of ordinary skill in the art, and thuswill not be further described herein.

The access method of the second embodiment comprises the followingsteps. Referring to FIG. 3A at first, step 401 is executed to enable themicroprocessor to receive the management information via thetransmission interface, and step 402 is executed to enable themicroprocessor to store the management information into the storage unitfor subsequent use.

In this embodiment, the plurality of application data comprisesapplication data associated with an e-purse, a credit card and an Easycard, and the management information comprises application data names,application data IDs, application data access rights and otherinformation associated with the application data. In other embodiments,rather than being limited thereto, the management information and theplurality of application data may also comprise other additionalapplication data and associated application information thereindepending on practical needs.

For convenience of the following description, reference is made to FIG.2, which is a schematic view of a structure of the managementinformation. In FIG. 2, the field Applet Name stores application datanames of the application data, which are applet A (e-purse), applet B(credit card) and applet C (Easy card) respectively; the field Applet IDstores IDs of the application data, which are 000A0A0A, 000A0A0B and000A0A0C respectively; the fields Readable, Writable and Configurableare configured to specify access rights of the application data, whichrespectively represent whether to allow an application datum to beactivated, whether to allow an application datum to be modified andstored, and whether to allow an access right of an application datum tobe modified. For these access rights, a setting value of True means“allowed” while a setting value of False means “not allowed”.

After receiving the management tool and the management information fromthe card server, the smart card access apparatus may be disconnectedfrom the card server to present an off-line status. Of course, whetherthe smart card access apparatus shall be disconnected from the cardserver depends on requirements in practical use. However, to highlightthe technical characteristics of the present invention, interactionsbetween the smart card access apparatus and the smart card to bedescribed hereinafter will all be accomplished under the off-line statusin which the smart card access apparatus is disconnected from the cardserver.

Next, referring to FIG. 3A, step 403 is executed to enable themicroprocessor to determine whether a user is to access the managementinformation. If not, then referring to FIG. 3B, step 408 is executed toenable the transmission interface to receive an operation signal formthe user. Then, step 409 is executed to enable the microprocessor todetermine whether a corresponding application datum is allowed to beaccessed according to the operation signal and the managementinformation. If it is not allowed, then step 412 is executed to enablethe microprocessor to deny the access to the corresponding applicationdatum; otherwise, if it is allowed, step 410 is executed to enable themicroprocessor to retrieve the corresponding application datum from theplurality of application data, and then step 411 is executed to enablethe microprocessor to perform a corresponding processing on thecorresponding application datum according to the operation signal.

For example, if the user desires to activate the application datumapplet A, then the microprocessor determines in step 403 that the useris not to access the management information. Then step 408 is executedto enable the transmission interface to receive an operation signal fromthe user, and step 409 is executed to enable the microprocessor todetermine whether a corresponding application datum is allowed to beaccessed according to the operation signal and the managementinformation. In this example, step 409 is to enable the microprocessorto determine whether the application datum applet A is allowed to beactivated according to the operation signal and the managementinformation. According to the management information 102 shown in FIG.2, the field Readable of the application datum applet A has a value ofTrue, which means that the application datum applet A is allowed to beactivated. Hence, step 410 is executed to enable the microprocessor toretrieve the application datum applet A from the plurality ofapplication data, and step 411 is executed to enable the microprocessorto perform a corresponding processing on the application datum applet Aaccording to the operation signal (i.e., to activate the applicationdatum applet A in this example). Otherwise, if the field Readable of theapplication datum applet A has a value of False, then step 412 isexecuted to enable the microprocessor to deny the access to theapplication datum applet A (i.e., to deny activation of the applicationdatum applet A in this example).

Referring back to FIG. 3A, if it is determined in step 403 that the useris to access the management information, then step 404 is executed toenable the microprocessor to determine whether the managementinformation is accessed for the first time. If yes, then referring toFIG. 3C, step 413 is executed to enable the transmission interface toreceive a setting signal from the user, and step 414 is executed toenable the microprocessor to generate off-line authenticationinformation according to the setting signal. Thereafter, step 415 isexecuted to enable the microprocessor to store the off-lineauthentication information into the storage unit. In this embodiment,the setting signal is a password; however, in other embodiments, thesetting signal may also be other information available forauthentication such as fingerprint information, vocal print informationand the like, and this is not intended to limit scope of the presentinvention.

Upon completion of step 415 or if it is determined in step 404 that themanagement information is not accessed for the first time, then step 405is executed to enable the transmission interface to receive an inputsignal from the user. Subsequently, step 406 is executed to enable themicroprocessor to determine whether the user is a legal user accordingto the input signal and the off-line authentication information. If theuser is not a legal user, then step 407 is executed to enable themicroprocessor to deny the access to the management information.

In more detail, the input signal comprises a password currently inputtedby the user, and the microprocessor will determine whether the passwordcurrently inputted by the user is consistent with a passwordincorporated in the off-line authentication information. If they areconsistent with each other, it means that the user is a legal user;otherwise, if they are inconsistent with each other, the smart card willdeny to be accessed by the smart card access apparatus.

If it is determined in step 406 that the user is a legal user, thenreferring to FIG. 3D, step 416 is executed to enable the microprocessorto determine whether an modification signal is received by thetransmission interface. If not, then step 419 is executed to enable themicroprocessor to transmit the management information to the smart cardaccess apparatus; otherwise, if yes, then step 417 is executed to enablethe microprocessor to modify the management information according to themodification signal to generate modified management information, andstep 418 is executed to enable the microprocessor to replace themanagement information with the modified management information andstore the modified management information into the storage unit.

For example, assuming that a legal user desires to modify the Readableright of the application datum applet A into a value of False, then instep 417, the microprocessor modifies the management informationaccording to the modification signal to generate modified managementinformation. In this example, this is to enable the microprocessor tomodify the Readable right of the applet A of the management informationinto a value of False, thereby to generate modified managementinformation. Then step 418 is executed to enable the microprocessor toreplace the management information with the modified managementinformation and store the modified management information into thestorage unit.

In addition to the aforesaid steps, the second embodiment can alsoexecute all the operations and functions set forth in the firstembodiment. How the second embodiment executes these operations andfunctions will be readily appreciated by those of ordinary skill in theart based on the explanation of the first embodiment, and thus will notbe further described herein.

According to the above description, the present invention ischaracterized in that, when a smart card access apparatus isdisconnected from a card server, the smart card may modify themanagement information according to the modification signal to generatemodified management information when the smart card access apparatus isdisconnected from the card server. In this way, the prevent inventionmay overcome the drawback of the prior art that the managementinformation stored in the smart card may only be modified when the smartcard access apparatus is connected to the card server.

The above disclosure is related to the detailed technical contents andinventive features thereof. People skilled in this field may proceedwith a variety of modifications and replacements based on thedisclosures and suggestions of the invention as described withoutdeparting from the characteristics thereof. Nevertheless, although suchmodifications and replacements are not fully disclosed in the abovedescriptions, they have substantially been covered in the followingclaims as appended.

1. A smart card adapted for use with a smart card management system, thesmart card management system comprising a smart card access apparatusand a card server, the smart card access apparatus being electricallyconnected to the smart card and adapted to transmit a modificationsignal of a user, the smart card comprising: a transmission interface,being electrically connected to the smart card access apparatus andconfigured to receive the modification signal; a storage unit, beingconfigured to store a plurality of application data and managementinformation corresponding to the application data; and a microprocessor,being electrically connected to the storage unit and the transmissioninterface and configured to modify the management information accordingto the modification signal to generate modified management informationwhen the smart card access apparatus is disconnected from the cardserver.
 2. The smart card as claimed in claim 1, wherein the smart cardaccess apparatus is further configured to transmit an operation signalof the user, the transmission interface is further configured to receivethe operation signal, the microprocessor is further configured toretrieve a corresponding application datum from the plurality ofapplication data according to the operation signal and the managementinformation, and to perform a corresponding processing on thecorresponding application datum according to the operation signal. 3.The smart card as claimed in claim 1, wherein the smart card accessapparatus is further configured to transmit an input signal of the user,the transmission interface is further configured to receive the inputsignal, the storage unit is further configured to store off-lineauthentication information, and the microprocessor is further configuredto identify that the user is a legal user according to the input signaland the off-line authentication information.
 4. The smart card asclaimed in claim 1, wherein when an on-line status is presented betweenthe smart card access apparatus and the card server, the smart cardaccess apparatus is adapted to receive the management information fromthe card server, and the microprocessor is further configured to receivethe management information via the transmission interface and store themanagement information into the storage unit.
 5. The smart card asclaimed in claim 3, wherein the smart card access apparatus is furtherconfigured to transmit a setting signal of the user, the transmissioninterface is further configured to receive the setting signal, and themicroprocessor is further configured to generate the off-lineauthentication information according to the setting signal and store theoff-line authentication information into the storage unit.
 6. An accessmethod for use in a smart card, the smart card being adapted for usewith a smart card management system, the smart card management systemcomprising a smart card access apparatus and a card server, the smartcard access apparatus being electrically connected to the smart card andadapted to transmit a modification signal of a user, the smart cardcomprising a transmission interface, a storage unit and a microprocessorelectrically connected to the storage unit and the transmissioninterface, the transmission interface being electrically connected tothe smart card access apparatus, the storage unit being configured tostore a plurality of application data and management informationcorresponding to the application data, the access method comprising thefollowing steps of: (A) enabling the transmission interface to receivethe modification signal; and (B) enabling the microprocessor to modifythe management information according to the modification signal togenerate modified management information when the smart card accessapparatus is disconnected from the card server.
 7. The access method asclaimed in claim 6, wherein the smart card access apparatus is furtherconfigured to transmit an operation signal of the user, the accessmethod further comprises the following steps of: enabling thetransmission interface to receive the operation signal; enabling themicroprocessor to retrieve a corresponding application datum from theplurality of application data according to the operation signal and themanagement information; and enabling the microprocessor to perform acorresponding processing on the corresponding application datumaccording to the operation signal.
 8. The access method as claimed inclaim 6, wherein the smart card access apparatus is further configuredto transmit an input signal of the user, the storage unit is furtherconfigured to store off-line authentication information, the accessmethod further comprises the following steps of: enabling thetransmission interface to receive the input signal; and enabling themicroprocessor to identify that the user is a legal user according tothe input signal and the off-line authentication information.
 9. Theaccess method as claimed in claim 6, wherein when an on-line status ispresented between the smart card access apparatus and the card server,the smart card access apparatus is adapted to receive the managementinformation from the card server, the access method further comprisesthe following steps of: enabling the microprocessor to receive themanagement information via the transmission interface; and enabling themicroprocessor to store the management information into the storageunit.
 10. The access method as claimed in claim 8, wherein the smartcard access apparatus is further configured to transmit a setting signalof the user, the access method further comprises the following steps of:enabling the transmission interface to receive the setting signal;enabling the microprocessor to generate the off-line authenticationinformation according to the setting signal; and enabling themicroprocessor to store the off-line authentication information into thestorage unit.